13 Jun
2008
13 Jun
'08
10:51 p.m.
x-ser(a)sidell.org wrote:
In ser-oob.cfg, the route[AUTHENTICATION] function has
this code:
# Requests from non-local to local domains should be permitted.
# Remove this if you want a walled garden.
if (!$f.did) {
break;
}
I'm guessing that the code is permitting all invites that are
addressed to a local destination, regardless of the source of the
invite, so that the source is not required to authenticate itself. Is
that right?
Not quite. If the from domain (usually the domain mentioned in the hostport
part of the From URI) is known, the attribute $f.did is set otherwise it
isn't. The code breaks out of the route for all requests with a unknown
from domain -- more specifically, a from domain that is not processed by
this proxy.
Also, what is the tersely named $f variable, how does
it get
initialized, and what is the meaning of the .did member?
I did write a short explanation a couple of days ago. It is split into
two postings:
o http://lists.iptel.org/pipermail/serusers/2008-June/035035.html
o http://lists.iptel.org/pipermail/serusers/2008-June/035037.html
If I have some time, I will write this all up properly.
Regards,
Martin